package com.baizhi.cmfz.controller;

import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.CircleCaptcha;
import com.baizhi.cmfz.entity.Admin;
import com.baizhi.cmfz.service.AdminService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.security.Security;
import java.util.Map;

@Controller
@RequestMapping("/admin")
public class AdminController {
    @Autowired
    private AdminService adminService;
    @RequestMapping("getVerify")
    public void getVerify(HttpServletResponse response, HttpSession session) throws IOException {
        CircleCaptcha captcha = CaptchaUtil.createCircleCaptcha(200, 100, 4, 20);
        String realCode = captcha.getCode();
        System.out.println(realCode);
        session.setAttribute("realCode",realCode);
        captcha.write(response.getOutputStream());
    }
    @RequestMapping("login")
    public String login(String username,String password,String code) {
        /*if (adminService.login(username,password,code)) {
            //登录成功跳转
            return "redirect:/jsp/menu.jsp";
        }else {
            return "redirect:/admin/login.jsp";
        }*/
        //1 将页面要验证的东西放进taken
        UsernamePasswordToken token = new UsernamePasswordToken(username,password);
        // 2 获取主体
        Subject subject = SecurityUtils.getSubject();
        // 3进行验证
        //shiro的方式获取HttpSession
        Session session = subject.getSession();
        if (code.equalsIgnoreCase((String) session.getAttribute("realCode"))) {
            try {
                //登录成功 将账户名和密码放进session作用域中
                subject.login(token);
                Admin admin = adminService.selectOneAdmin(username);
                session.setAttribute("admin",admin);
                //代码式授权
                boolean permitted = subject.isPermitted("banner:create");
                if (permitted) {
                    System.out.println("zhangsna 有创建轮播图的权限");
                }
                if (subject.hasRole("admin")) {
                    System.out.println("zhangsa 有管理员的权限");
                }
                return "redirect:/jsp/menu.jsp";
            } catch (AuthenticationException e) {
                System.out.println("认证不通过");
                return "redirect:/user/login.jsp";
            }
        } else {
            return "redirect:/user/login.jsp";
        }
    }

    /**
     * 页面数据展示，要做分页 需要从页面接收两个参数 一个当前页page
     * 一个是每页展示数据的条数limit
     * @param page
     * @param limit
     * @return
     */
    @RequestMapping("showPageAdmin")
    @ResponseBody
    public Map showPageAdmin(int page,int limit) {
        Map map = adminService.showPageAdmin(page,limit);
        return map;
    }
    @RequestMapping("addAdmin")
    @ResponseBody
    public Map addAdmin(Admin admin) {
        return adminService.addAdmin(admin);
    }

    @RequestMapping("updateAdmin")
    @ResponseBody
    public Map updateAdmin(Admin admin) {
        return adminService.updateAdmin(admin);
    }

    @RequestMapping("deleteAdmin")
    @ResponseBody
    //@RequiresRoles("superadmin")//注解式的授权 表示这个角色才有权限执行这个方法，没有权限执行的方法会报异常
    public Map deleteAdmin(int id) {
        return adminService.deleteAdmin(id);
    }
}
